On Thu, 2005-02-10 at 11:16 -0700, jb wrote: > On your second issue: > > My old boss, who houses, but does not own, the servers for the new grant > I work for, puts accessibilty over security on all fronts. He still > wants unfettered FTP and VNC access from his home to our production > servers and workstations (he doesn't even like the idea of putting them > on a 10. address, and hates the idea of a dedicated firewall). We've had > a couple of security exploits lately, and he asked me, "Is this because > we're using open source and the bad guys can see the source code?" To > which I responded, "There is no security through obscurity." End of > discussion.
If he doesn't care about his security, why should anyone else? He deserves what he gets. On the "security through obscurity" issue, I believe there is a measure of security to be found there. It's a false sense of security and obviously it works for some people. I think it's inferior, but your old boss has demonstrated that people will take something inferior and all the problems that come from it. > In a meeting with an OIT guy, to see if we could compromise the > accessibilty/security issues, he said, "I'm not opposed to spending > money on something to fix the problem." Again, reference to > closed-source being superior. I also worked with a guy who had done an > internship at M$, and he straight-up told me, "All open source can do is > copy what proprietary systems are already doing." I hear this crap all the time. It just shows that they have NO clue. You can safely ignore everything they say from that point on. > So, yes, there is this attitude that paying for something must mean it's > of high quality. However, to quote a recent /. question to a > microsoftie: Did microsoft think free was inferior when they gave > explorer away? > > --jeremy -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
